supply-chain-security
Safeguard articles tagged "supply-chain-security" — guides, analysis, and best practices for software supply chain and application security.
1045 articles
CVE explained: how vulnerabilities get identified and scored
A CVE ID and its CVSS score come from different organizations entirely. Here's how identification and severity scoring actually work, using Log4Shell and the 2024 NVD backlog as examples.
Go security cheat sheet for developers
A practical Go security cheat sheet: the real vulnerability classes, must-patch stdlib CVEs, and dependency scanning tactics developers need to know.
CVSS scoring explained, and where severity scores go wrong
CVSS score explained through a real case where CVSS, EPSS, and KEV disagreed, showing why severity alone misleads prioritization decisions.
Best Software Composition Analysis tools/services ranked ...
We compare Safeguard and Mend.io on verifiable SCA dimensions — company history, Renovate, SBOM depth, and build provenance — for buyers evaluating tools in 2026.
10 React security best practices
Real CVEs, real npm supply chain hijacks, and the concrete React practices — from CSP to token storage — that actually stop them.
Best SBOM tools for automating bill-of-materials generation
A practical look at the best SBOM tools for 2026, comparing how Safeguard and Mend.io generate, format, and continuously update software bills of materials.
Comparing React and Angular secure coding practices
React auto-escapes JSX but not URLs; Angular sanitizes by context but allows explicit bypasses. Here's where each framework's XSS defenses actually stop.
Top container security tools to evaluate
Comparing Safeguard and Mend.io on the dimensions that actually matter for container security: scanning engine transparency, air-gapped support, registry coverage, and product origin.
Securing Next.js applications and middleware
CVE-2025-29927 let attackers bypass Next.js middleware auth with one header. Here's how that and three other real CVEs expose middleware, Server Actions, and caching.
Mend.io alternatives for SCA/AppSec buyers
A concrete look at Mend.io alternatives for SCA and AppSec buyers, comparing policy enforcement, SBOM generation, and build integrity against Safeguard's unified platform.
CVE-2025-29927: Next.js middleware authorization bypass
A spoofable internal header let attackers skip Next.js middleware outright, bypassing auth and route protection across many production deployments.
Open source vulnerability management workflow (detect, pr...
A concrete look at the detect-prioritize-remediate workflow for open source vulnerability management, where Mend.io's SCA approach falls short, and how Safeguard closes the gap.